locked
Azure VPN to SSG140 comes up, but shows no traffic other than keepalive RRS feed

  • Question

  • VPN to SSG140 comes up, but shows no traffic other than keepalive

    We have configured a VPN to our local network as follows:
    local network: 172.31.100.0/24
    azure network(s): 10.4.0.0/16

    The vpn comes up, and stays up. We see the keepalive traffic coming in on the on premise site (ICMP traffic from the network address 10.4.0.0 to the network address 172.31.100.0)

    We see the counters in the Azure webinterface going up as well: Both incoming as outgoing. The policies on our SSG140 allow all traffic, both ways.

    However, we cannot connect, both ways. No ping no tcp connections with telnet. traceroute from the on premise lan to the Azure network stops after the second hop: The first hop is the on premise gateway, the second the peer ID. Traceroute on the other side doesn't show anything.

    We are out of options. Anyone able to shed some light on this?

    Thursday, September 27, 2012 3:13 PM

All replies

  • You may want to contact SSG140 support on http://www.juniper.net/customers/support/. Also consider to use Windows Azure's own VPN solution: Windows Azure Connect.
    Friday, September 28, 2012 8:00 AM
  • Jiang , thanks for your reply.

    We have completed the steps suggested by Juniper support already and this didn't help.

    We use the Azure VPN (or virtual network) option because we wan't to connect the 2 networks and not just a single server as i believe happens with Azure connect.

    Friday, September 28, 2012 9:14 AM